1. Now that I've gained a little more experience in PHP I see that STINGA is right. You would need to implement the check outside of the GUI, and do the check on the page that actually performs the registration. This will prevent Hackers/SPAMmers from posting data directly to that page.

2. A few people above changed the code above so that the error message told the SPAMmers why the registration didn't work. Then they began getting SPAM registrations with random strings. As stated earlier, I think it's best that you don't get too descriptive with your error message. You want humans to be able to register, but you don't want to give SPAMBOTS enough info to circumvent your checks above. I think an error like "Performing Maintenance" or "Contact Dan" works well!

I may switch back to virtuemart once the multi-vendor features are added, but for now I can't comment on later versions of virtuemart. I will be more than happy to try and help when possible though. Thanks for all the great feedback.

if($data['first_name'] == $data['last_name']) {vmError('Spam');$mainframe->enqueueMessage('This triggered the spam filter. If this is preventing you from placing an order, please call customer service.', 'error');return false;}I added it below the check to see if data was empty, near the top of the function, so my file looks like this: